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The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 03 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1)^1 Responsive to communication(s) filed on 27 September 2006 . 
2a)K This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 1-21 and 24-54 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Claim(s) is/are allowed. 

6) E3 Claim(s) 1-21. 24-54 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) E3 The drawing(s) filed on 22 October 2001 is/are: a)S accepted or b)D objected to by the Examiner. . 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)DAII b)D Some * c)D None of: 

Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. This action is response to communications: application, filed 10/22/2001; amendment 
filed 09/27/2006. Claims 1-21 and 24-54 are pending; claims 22-23 and 55-59 are cancelled 

2. The applicant's arguments filed on 09/27/2006 have fully considered but they are moot 
in view with new ground for rejection 



Claims rejections-35 USC § 112 

The following is a quotation of the first paragraph of 35 U.S.C. 1 12: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

Claims 1 and 27 are rejected under 35 U.S.C. 1 12, first paragraph, as failing to comply 
with the written description requirement. The claim(s) contains subject matter matter such as 
"modifying authorization" which was not described in the specification in such a way as to 
reasonably convey to one skilled in the relevant art that the inventor(s), at the time the 
application was filed, had possession of the claimed invention. 
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Claim rejections-35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or descry bed as set forth in section 
102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the 
subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill 
in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

Claims 1-12 and 14-21, 24-28, 31-36, 41-43, 45-50, 52-54 are rejected under 35 U.S.C 
103(a) as being un-patentable over Tuatini (U.S. 2001/0047385) in view of Koppolu et al. 
(U.S. 5,754,175) in view of Lee et al. (U.S. 6,823,458) and further in view of Jenkins et al. 
(U.S. 6,678,682) 

Regarding to claim 1: 

Tuatini discloses the invention substantially as claimed, including a method, which can 

be implemented in a computer hardware or software code for one of the plurality of applications 

♦ 

to operate on data related to the identity, the method comprising the following: 

Formulating a request to operate on the data includes an act of constructing a network 
message in accordance with a message format that is recognized by the service, the network 
message representing a request to perform the operation on the data structure, and an act of 
dispatching the network message to the service: (Tuatini discloses an application framework 
selects an appropriated "application architecture" which is equivalent to "data structure" for 
executing a received service request; Tuatini discloses the translation logic of translator of 
application framework is responsible for generating and sending a response that is in the service- 
specific format; The application framework also identifies application action handler components 



f 
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and application view handler components those can service the service request. Then the 
application framework sends an appropriated application program with appropriated architecture 
to implement the service request: abstract, lines 1-17; [0061]-[0063]; [0065]-[0068]; [0112]) 

However, Tuatini does not explicitly disclose identifying data associated with an identity, 
which is maintained by a service independent of an application seeking to operate on the data as 
a data object organized into a data structure according to a schema recognized by a number of 
different applications: (Koppolu discloses binding between object data structure which includes 
pointers to interface data structure and "class identifier" which is equivalent to "an identity" used 
to access "the appropriate server application" which is equivalent to "data structure types": 
column 9, lines 1-67; column 10, lines 1-32 ) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Koppolu' s ideas of using class identifier to access appropriate 
server application with Tuatini' s system in order to provide an efficient centralize interprocess 
communications mechanism wherein a certain process application is provide base on identify of 
the request message: (column 10, lines 57-67) 

However, Tuatini- Koppolu does not explicitly disclose including request identify in the 
message 

In analogous art, Lee discloses method for using unique identifier includes in header of 
message which is used to associating with stored resource data structure: (abstract, lines 1-16) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Lee's ideas of using unique identifier to identifying the request 
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with Tuatini 's system in order to provide a secure communication system, see (Lee: abstract, 
lines 1-10; column 5, lines 12-18) 

However, Tuatini - Koppolu-Lee does not explicitly disclose the identity can grant or 
retract authorizations by modifying data in the data structure 

In analogous art, Jenkins discloses an automated enterprise access management control 
provides services for plurality of register applications; wherein the application id is used to verify 
access authorization: (column 4, lines 15-67) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Jenkins's ideas of using application id to verify access 
authoization with Tuatini - Koppolu-Lee 's system in order to provide secure enterprise access 
management control system, see (column 1, lines 39-49) 

Regarding to claims 24 \ 27 and 54: 

Those claims are rejected under rationale of claim 1 

Regarding to claims 31-32, 45-48, 53: 

Those claims are rejected under rationale of claim 27 

Regarding to claim 2: 

In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses the 
act of dispatching the network message to the service comprises dispatching the network 
message directly to the service without first communicating with a locator service: (Tuatini 
discloses direct communications between application framework and client devices in order to 
select an appropriated program with an appropriated data structure: [0061]-[0063]; [0065]- 
[0068]; [01 12]) 
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Regarding to claims 1 7-18: 

Those claims are rejected under rationale of claim 2 

Regarding to claims 33-34: 

In addition to rejection in claim 32, Tuatini - Koppolu-Lee- Jenkins further discloses the 
act of dispatching the second network message comprises an act of dispatching the second 
network message to the one of the plurality of application programs: (Tuatini discloses the 
application framework receives a service request from client device, and selects an appropriated 
application program for executing the service request: [0065]-[0068]; [01 12]) 

Regarding to claims 35-36: 

In addition to rejection in claim 27, Tuatini - Koppolu-Lee- Jenkins further discloses 
contact information corresponding to the identity: (Lee discloses an apparatus and method for 
securing system resources in a concurrent multiple operating system environment, wherein when 
a device/or application requests access to system resources by using a unique identifier: abstract, 
lines 1-16) 

Regarding to claims 41-43: 

Those claims are rejected under rationale of claim 35 
Regarding to claim 3: 

In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses a 
content data structure that represents the actual data of interest: (Tuatin discloses "service 
request" which is equivalent to "the actual data of interest": [0061]-[0063]) 

Regarding to claims 4-5: 
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In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses data 
structure: (Tuatin discloses "application architecture" which is equivalent to "data structure": 
[0061]-[0063]; [0065]-[0068]; [0112]) 

Regarding to claim 6: 

In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses the 
data that is to be operated on is not directly accessed by the plurality of application, but is only 
directly accessed via the service: (Tuatini discloses an "application architecture" which is 
equivalent to "a systems data structure" and "an access control data structure": abstract, lines 1— 
17; page 3, right column, lines 40-52) 

Regarding to claims 7-8: 

In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses an 
act of the granting the application access to the data structure prior to the acts of identifying, 
constructing, and dispatching, wherein the decision on whether or not to grant the application 
accesses is based on permission provided by the identity: (Lee discloses an apparatus and method 
for securing system resources in a concurrent multiple operating system environment, wherein 
when a device/or application requests access to system resources by using a unique identifier: 
abstract, lines 1-16) 

Regarding to claims 9-10: 

In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses an act 
of determining an address of the service: (Tuatini discloses "the client sends the requests services 
of the application program," this process is shared functionality with "determining an address of 
the service": abstract, lines 1-17; page 3, right column, lines 29-43) 
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Regarding to claims 11-12 and 26: 

In addition to rejection in claims 9 and 24, Tuatini - Koppolu-Lee- Jenkins further 
discloses an act of constructing a second network message in accordance with the message 
format that is recognized by a locator service, the second network message representing a query 
for the address using the identification of the identity: (Tuatini discloses the application 
framework identifies application action handler components and application view handler 
components, those can service the request and format the response. Then the application 
framework sends the application program to implement the client request to client: abstract, lines 
1-17; page 2, right column, lines 43-55; page 3, left column, lines 1-19, right column, lines 
29-43) 

An act of dispatching the second network message to the locator service: (Tuatini 
discloses the client sends the requests of services to "the application framework" which is 
equivalent to "the locator service": page 3, right column, lines 29-43) 

An act of receiving a response from the locator service that includes the address: (Tuatini 
discloses the client requests services by sending a request message in a client-specific format. 
Then the translator is responsible for translating the request received from a client system in the 
clients-specific format into the application-specific format defined for business logic. The 
application view handler is responsible for generating and sending a response that is in the client- 
specific format: abstract, lines 1-17; page 2, right column, lines 43-55; page 3, left column, lines 
1-19, right column, lines 29-43) 

Regarding to claim 16: 
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In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses an act 
of dispatching the network message to the service using a transport protocol that is compatible 
with transport over the Internet: (Although Tuatini does not explicitly disclose transport protocol; 
however this feature is deemed to be inherent to the Tuatini's system in order to perform 
communication between application framework and clients: abstract, lines 1-17; page 2, right 
column, lines 43-55; page 3, left column, lines 1-19, right column, lines 29-43) 

Regarding to claims 25 and 49: 

In addition to rejection in claims 24 and 48, Tuatini - Koppolu-Lee- Jenkins further 
discloses computer-readable media are physical storage media: (Tuatini: figure 30, item 3002; 
Figure 40, items 4005, 4010, 4015). 

Regarding to claims 14 and 15: 

In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses an act 
of dispatching the network request to a locator service that maintains a list of addresses for 
type-specific data services corresponding to the identity: (Tuatini discloses "the configuration 
file" which is equivalent to "list of addresses for type-specific data services corresponding to the 
identity" wherein the appropriate application program for request can be indicated: page 3, left 
column, lines 19-63, right column, lines 1-12) 

Regarding to claims 28 and 50: 

In addition to rejection in claims 27 and 48, Tuatini - Koppolu-Lee- Jenkins further 
discloses the act of performing the requested operation, an act of determining that the one of the 
plurality of applications is authorized to perform the requested operation on the data structure 
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based on permissions provided by the identity, see (Tuatini: [0061]-[0063]; [0065]-[0068]; 
[0112]) 

Regarding to claim 52: 

This claim is rejected under rationale of claims 1 and 27 
Regarding to claim 19: 

In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses the 
identity is an individual: (Jenkins discloses the principal could be "users" which is equivalent to 
"individuals": column 7, lines 10-15) 

Regarding to claim 20: 

In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses the 
identity is a group of individuals: (Jenkins discloses the principal could be "division" which is 
equivalent to "group of individuals:" column 7, lines 10-15) 

Regarding to claim 21: 

In addition to rejection in claim 1, Tuatini - Koppolu-Lee- Jenkins further discloses the 
identity is an organization: (Jenkins discloses the principal could be "companies" which is 
equivalent to "organizations:" column 7, lines 10-15) 

Claims 37- 40 and 44 are rejected under 35 U.S.C 103(a) as being un-patentable 
over Tuatini - Koppolu-Lee- Jenkins in view of Shigetomi et al. (U.S. 2002/0055951) 
Regarding to claim 37: 
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Tuatini - Koppolu-Lee- Jenkins discloses the invention substantially as disclosed in claim 
27, but does not explicitly teach wherein the data structure represents grocery list information 
corresponding to the identity 

However, Shigetomi discloses a storage medium that contains various services such as: 
"goods" which is equivalent to "grocery", movie, MP3 and more, see (Shigetomi: figures 4 and 
5) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Shigetomi's ideas of using storage medium which contains 
various services with Tuatini - Koppolu-Lee- Jenkins 's system in order to select a desire service 
from a plurality services stored in a storage medium, see (Shigetomi: abstract, lines 1-18) 

Regarding to claim 38: 

Tuatini - Koppolu-Lee- Jenkins discloses the invention substantially as disclosed in claim 
27, but does not explicitly teach wherein the data structure represents in-box information 
corresponding to the identity 

However, Shigetomi discloses a storage medium, which contains various services such 
as: "email" which is equivalent to "in-box information", movie, MP3 and more, see (Shigetomi: 
figures 4 and 5) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Shigetomi's ideas of using storage medium which contains 
various services with Tuatini - Koppolu-Lee- Jenkins f s system in order to select a desire service 
from a plurality services stored in the storage medium, see (Shigetomi: abstract, lines 1-18) 

Regarding to claim 39: 
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Tuatini - Koppolu-Lee- Jenkins discloses the invention substantially as disclosed in claim 
27, but does not explicitly teach wherein the data structure represents music service information 
corresponding to the identity. 

However, Shigetomi discloses a storage medium which contains various services such as: 
"MP3" which is equivalent to "music", see (Shigetomi: figures 4 and 5) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Shigetomi's ideas of using storage medium which contains 
various services with Tuatini - Koppolu-Lee- Jenkins 's system in order to select a desire service 
from a plurality services stored in the storage medium, see (Shigetomi: abstract, lines 1-18) 

Regarding to claim 40: 

Tuatini - Koppolu-Lee- Jenkins discloses the invention substantially as disclosed in claim 
27, but does not explicitly teach wherein the data structure represents calendar, information 
corresponding to the identity 

In analogous art, Shigetomi discloses a storage medium, which contains various services 
such as: calendar function, see (Shigetomi: page 1, right column, lines 51-52) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Shigetomi's ideas of using storage medium which contains 
various services with Tuatini - Koppolu-Lee- Jenkins's system in order to select a desire service 
from a plurality services stored in the storage medium, see (Shigetomi: abstract, lines 1-18) 

Regarding to claim 44: 
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Tuatini - Koppolu-Lee- Jenkins discloses the invention substantially as disclosed in claim 
27, but does not explicitly teach wherein the data structure represents favorite Web site 
information corresponding to the identity 

In analogous art, Shigetomi discloses a storage medium which contains various services 
such as: website function, see (Shigetomi: page 1, right column, lines. 5 1-52) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Shigetomi's ideas of using storage medium which contains 
various services with Tuatini - Koppolu-Lee- Jenkins 's system in order to select a desire service 
from a plurality services stored in the storage medium, see (Shigetomi: abstract, lines 1-18) 

Claims 29-30 and 51 are rejected under 35 U.S.C 103(a) as being un-patentable over 
Tuatini - Koppolu-Lee- Jenkins in view of Susaki et al. (U.S. 6,189,032) 

Regarding to claims 29-30 and 51: 

Tuatini - Koppolu-Lee- Jenkins discloses the invention substantially as disclosed in 
claims 28 and 48, but does not explicitly teach the method further comprises an act of 
maintaining a list of access rights to the data structure; and the act of determining that the one of 
the plurality of applications is authorized to perform the requested operation on the data structure 
comprises an act of referring to the list of access rights 

In analogous art, Susaki discloses n a control table" which is equivalent to "a list of access 
rights", see (Susaki: column 2, lines 55-67). 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Susaki's ideas of using storage medium which contains various 
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services with Tuatini - Koppolu-Lee- Jenkins 's system in order to control user access, see 
(Susaki: abstract, lines 1-18) 

Claims 13 is rejected under 35 U.S.C 103(a) as being un-patentable over Tuatini - 
Koppolu-Lee- Jenkins in view of Robotham et al, (U.S. 2002/0015042) 

Regarding to claim 13: 

Tuatini - Koppolu-Lee- Jenkins discloses the invention substantially as disclosed in claim 
1 , but does not explicitly teach wherein the act of constructing a network message in accordance 
with a message format that is recognized by the service comprises the following: an act of 
constructing a network message in accordance with the Simple Object Access Protocol 

In analogous art, Robotham discloses requests and responses between client and server 
may use a protocol such as the Simple Object Access Protocol (SOAP), see (Robotham: page 10, 
left column, lines 35-43) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Robotham's ideas of using Simple Object Access Protocol 
(SOAP) for requesting and responding between client and server with Tuatini - Koppolu-Lee- 
Jenkins 's system in order to allows the server to provide rendering services to any client that 
supports the protocol and the client can interpret the XML-encode contents provided by the 
server, see (Robotham: page 10, left column, lines 35-43) 

The prior arts made of records and not relied upon are considered pertinent to applicant's 
disclosure. The following patents and publications are cited to further show the state of the art 
with respect to "identity-centric data access": 63341 89 
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Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Conclusions 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Lan-Dai Thi Truong whose telephone number is 571-272-7959. 
The examiner can normally be reached on Monday- Friday from 8:30am to 5:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Bunjob A. Jaroenchonwanit can be reached on 571-272-3913. The fax phone 
number for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




